@vibetasks/mcp-server 0.6.5 → 0.6.6

package/README.md

@@ -4,7 +4,10 @@ Model Context Protocol (MCP) server for VibeTasks integration with Claude Code,
 
 ## Features
 
-- **11 MCP Tools** for full task management (create, read, update, delete, search, complete, vibing status, context notes, batch create with subtasks, log sessions)
+- **14 MCP Tools** for full task management + RLM codebase queries
+  - 11 task tools (create, read, update, delete, search, complete, vibing status, context notes, batch create with subtasks, log sessions)
+  - 3 RLM tools (query massive codebases, get stats, clear cache)
+- **RLM (Recursive Language Models)**: Query 10M+ token codebases with 29% better accuracy and 3x cost reduction
 - **Status Workflow**: `todo` -> `vibing` -> `done` - track what you're actively working on
 - **Context Notes**: "Where I left off" notes to capture your progress and next steps
 - **Project Auto-Detection**: Automatically tags tasks with project name from git repository
@@ -46,13 +49,27 @@ Edit your Claude Code config file:
       "command": "vibetasks-mcp",
       "env": {
         "TASKFLOW_SUPABASE_URL": "https://your-project.supabase.co",
-        "TASKFLOW_SUPABASE_KEY": "your-supabase-anon-key"
+        "TASKFLOW_SUPABASE_KEY": "your-supabase-anon-key",
+        "ANTHROPIC_API_KEY": "sk-ant-your-key-here"
       }
     }
   }
 }
 ```
 
+**Note:** `ANTHROPIC_API_KEY` is optional but required for RLM tools (`rlm_query_codebase`, `rlm_get_codebase_stats`). If not provided, only the 11 standard task tools will be available.
+
+**Environment Variables:**
+- `TASKFLOW_SUPABASE_URL` - Your Supabase project URL (required)
+- `TASKFLOW_SUPABASE_KEY` - Your Supabase anon key (required)
+- `ANTHROPIC_API_KEY` - Claude API key for RLM tools (optional)
+- `RLM_MAX_DEPTH` - Max recursion depth for RLM (default: 3)
+- `RLM_VERBOSE` - Enable RLM debug logs (default: false)
+- `RLM_SUB_MODEL` - Model for RLM sub-queries (default: claude-haiku-4-5-20241022)
+
+```json
+```
+
 **Restart Claude Code** after updating the config.
 
 ### Manual Installation (Development)
@@ -152,6 +169,31 @@ Create a parent task with subtasks in one call (perfect for TodoWrite integratio
 
 **Use case:** When using Claude's TodoWrite feature, automatically mirror your todo list to VibeTasks for persistent tracking beyond the session.
 
+#### Using Copyable Values in Instructions
+
+When creating tasks with specific values users need to copy (app names, IDs, URLs, etc.), use **markdown backticks** in the `instructions` field to make values copyable with one click:
+
+**Example:**
+```typescript
+{
+  title: "Create OAuth App",
+  instructions: "1. Go to Apple Developer Console\n2. Create app with name: `VibeTasks`\n3. Set Bundle ID: `com.sparktory.vibetasks`\n4. Save the **App ID** for later"
+}
+```
+
+**What the user sees:**
+- "Create app with name:" as plain text
+- `VibeTasks` highlighted with a hover copy button
+- `com.sparktory.vibetasks` highlighted with copy button
+- "App ID" in bold (markdown)
+
+**Supported markdown in instructions:**
+- `` `inline code` `` → Copyable with button
+- `**bold**` → Emphasized text
+- `*italic*` → Italic text
+- `[links](url)` → Clickable links
+- ` ```code blocks``` ` → Multi-line code
+
 #### list_tasks
 Get tasks with optional status filter:
 ```
@@ -231,6 +273,79 @@ Manually log a session:
   duration_minutes: 45
 ```
 
+### RLM Tools (Recursive Language Models)
+
+RLM tools enable querying massive codebases (10M+ tokens) with no context window limits. Based on MIT's RLM paper, these tools treat your codebase as an external environment that can be recursively explored.
+
+#### rlm_query_codebase
+
+Query your entire codebase with complex questions:
+
+```
+@vibetasks rlm_query_codebase
+  query: "How does user authentication work from login button to database?"
+  focused: true
+  maxFiles: 100
+```
+
+**Parameters:**
+- `query` (required): Your question about the codebase
+- `focused` (default: true): Pre-filter relevant files using semantic search (faster, cheaper)
+- `maxFiles` (default: 100): Maximum files to include in focused mode
+- `verbose` (default: false): Show detailed execution logs
+- `maxDepth` (default: 3): Maximum recursion depth
+
+**Example Queries:**
+- "List all API endpoints with their HTTP methods and routes"
+- "Find all TODO and FIXME comments grouped by priority"
+- "What files depend on UserService and how do they use it?"
+- "How does the payment flow work end-to-end?"
+- "Find all database queries that don't use prepared statements"
+
+**Benefits:**
+- **No context limits**: Handles 10M+ tokens (thousands of files)
+- **Better accuracy**: 29% more accurate than base LLM (MIT paper)
+- **Lower cost**: 3x cheaper than loading full context
+- **No information loss**: Uses recursive search, not summarization
+
+**Cost:**
+- Small codebase (~500k tokens): $0.01 - $0.05 per query
+- Large codebase (10M tokens): $0.50 - $2.00 per query
+- vs Base LLM: 15-60x cost reduction
+
+**How it works:**
+1. Loads codebase into Python REPL environment (not LLM context)
+2. LLM writes Python code to search/filter context
+3. LLM recursively calls itself on relevant chunks
+4. Aggregates results and returns answer
+
+#### rlm_get_codebase_stats
+
+Get statistics about your codebase without running a query:
+
+```
+@vibetasks rlm_get_codebase_stats
+```
+
+Returns:
+- File count
+- Total size (bytes)
+- Estimated tokens
+- Estimated cost for RLM query
+- Top file types
+
+Use this before running expensive queries to understand scope.
+
+#### rlm_clear_cache
+
+Clear the RLM context cache to force reloading files:
+
+```
+@vibetasks rlm_clear_cache
+```
+
+Useful when files have changed and you want fresh context.
+
 ### MCP Resources
 
 Resources provide automatic context to AI:

package/dist/human-tasks-I5NY4ML3.js

@@ -0,0 +1,454 @@
+// src/templates/human-tasks/apple-oauth.ts
+function createAppleOAuthTask(config) {
+  return {
+    title: "\u{1F464} Setup Apple Sign In",
+    description: `Configure Apple OAuth for ${config.appName}. This requires access to Apple Developer Portal (humans only).`,
+    subtasks: [
+      {
+        title: "Create App ID in Apple Developer Portal",
+        completed: false,
+        link: {
+          url: "https://developer.apple.com/account/resources/identifiers/list",
+          label: "Open Apple Developer"
+        },
+        instructions: `1. Click **+** to create new identifier
+2. Select **App IDs** \u2192 Continue
+3. Choose **App** \u2192 Continue
+4. Enter details:
+   - Description: \`${config.appName}\`
+   - Bundle ID: \`${config.bundleId}\`
+   - Capabilities: Enable **Sign in with Apple**
+5. Click **Register**
+6. **Save the App ID** (you'll need it in next step)`,
+        warning: "Don't share your Team ID publicly. It's sensitive.",
+        tip: "You can find your Team ID in Account \u2192 Membership"
+      },
+      {
+        title: "Create Services ID",
+        completed: false,
+        link: {
+          url: "https://developer.apple.com/account/resources/identifiers/list/serviceId",
+          label: "Open Services"
+        },
+        instructions: `1. Click **+** to create new identifier
+2. Select **Services IDs** \u2192 Continue
+3. Enter details:
+   - Description: \`${config.appName} Web\`
+   - Identifier: \`${config.bundleId}.web\`
+   - Enable **Sign in with Apple**
+4. Click **Continue** \u2192 **Register**
+5. Click on the Services ID you just created
+6. Click **Configure** next to Sign in with Apple
+7. Add your domain and return URLs:
+   - Domains: \`localhost\` (for dev), your production domain
+   - Return URLs: \`http://localhost:3000/api/auth/callback/apple\`
+8. Click **Done** \u2192 **Save**
+9. **Copy the Services ID** (you'll give this to VibBot)`,
+        warning: "Return URLs must match exactly (including http/https)",
+        tip: "Add both localhost (dev) and production URLs to avoid reconfiguring later"
+      },
+      {
+        title: "Generate Private Key",
+        completed: false,
+        link: {
+          url: "https://developer.apple.com/account/resources/authkeys/list",
+          label: "Open Keys"
+        },
+        instructions: `1. Click **+** to create new key
+2. Enter key name: \`${config.appName} Sign In Key\`
+3. Enable **Sign in with Apple**
+4. Click **Configure** \u2192 Select your App ID \u2192 **Save**
+5. Click **Continue** \u2192 **Register**
+6. **Download the .p8 key file** (you can only download once!)
+7. **Save the Key ID** (10 characters, shown at the top)
+
+\u26A0\uFE0F **CRITICAL**: Store the .p8 file safely. You cannot download it again.`,
+        warning: "You can only download the private key ONCE. Save it immediately.",
+        tip: "Store in password manager or .secrets/ folder (never commit to git)"
+      },
+      {
+        title: "Hand back to VibBot",
+        completed: false,
+        aiPrompt: `I've completed Apple OAuth setup. Here are the credentials:
+
+Services ID: [paste here]
+Team ID: [paste here]
+Key ID: [paste here]
+Private Key Path: [path to .p8 file]
+
+Please configure the app with these credentials.`,
+        instructions: `Copy the above template, fill in your credentials, and send to VibBot.
+
+VibBot will:
+1. Store credentials in .env file (never committed)
+2. Configure auth provider
+3. Test the integration
+4. Create a test task for you to verify login works`,
+        tip: "VibBot will guide you through testing once credentials are configured"
+      }
+    ]
+  };
+}
+
+// src/templates/human-tasks/google-oauth.ts
+function createGoogleOAuthTask(config) {
+  return {
+    title: "\u{1F464} Setup Google OAuth 2.0",
+    description: `Configure Google OAuth for ${config.appName}. Requires Google Cloud Console access.`,
+    subtasks: [
+      {
+        title: "Create Google Cloud Project",
+        completed: false,
+        link: {
+          url: "https://console.cloud.google.com/projectcreate",
+          label: "Open Google Cloud Console"
+        },
+        instructions: `1. Enter project details:
+   - Project name: \`${config.appName}\`
+   - Organization: (optional, select if you have one)
+2. Click **Create**
+3. Wait for project creation (~30 seconds)
+4. **Copy the Project ID** (you'll need it later)`,
+        tip: "Project ID is permanent and used in API calls. Project name can be changed later."
+      },
+      {
+        title: "Enable Google Sign-In API",
+        completed: false,
+        link: {
+          url: "https://console.cloud.google.com/apis/library",
+          label: "Open API Library"
+        },
+        instructions: `1. Make sure your project is selected (top dropdown)
+2. Search for **"Google+ API"** or **"Google Identity"**
+3. Click on **Google+ API**
+4. Click **Enable**
+5. Wait for activation (~10 seconds)`,
+        warning: "Make sure you selected the correct project before enabling APIs"
+      },
+      {
+        title: "Configure OAuth Consent Screen",
+        completed: false,
+        link: {
+          url: "https://console.cloud.google.com/apis/credentials/consent",
+          label: "Open Consent Screen"
+        },
+        instructions: `1. Select **User Type**:
+   - **External** (for public apps)
+   - **Internal** (for Google Workspace only)
+2. Click **Create**
+3. Fill in App Information:
+   - App name: \`${config.appName}\`
+   - User support email: [your email]
+   - Developer contact: [your email]
+4. Click **Save and Continue**
+5. Scopes: Click **Add or Remove Scopes**
+   - Add: \`email\`, \`profile\`, \`openid\`
+   ${config.scopes.length > 0 ? `   - Also add: ${config.scopes.map((s) => `\`${s}\``).join(", ")}` : ""}
+6. Click **Update** \u2192 **Save and Continue**
+7. Test users (for External apps):
+   - Add your email for testing
+8. Click **Save and Continue** \u2192 **Back to Dashboard**`,
+        tip: "Start with External type. You can change to Internal later if you have Google Workspace."
+      },
+      {
+        title: "Create OAuth Client ID",
+        completed: false,
+        link: {
+          url: "https://console.cloud.google.com/apis/credentials",
+          label: "Open Credentials"
+        },
+        instructions: `1. Click **Create Credentials** \u2192 **OAuth client ID**
+2. Application type: **Web application**
+3. Name: \`${config.appName} Web Client\`
+4. Authorized redirect URIs:
+   ${config.redirectUris.map((uri) => `   - \`${uri}\``).join("\n")}
+5. Click **Create**
+6. **Copy both**:
+   - Client ID (long string starting with numbers)
+   - Client Secret (random string)
+7. Click **OK**
+
+\u{1F389} You now have OAuth credentials!`,
+        warning: "Client Secret is sensitive - store it in .env file, never commit to git",
+        tip: "Add both localhost (dev) and production URLs now to avoid reconfiguring"
+      },
+      {
+        title: "Hand back to VibBot",
+        completed: false,
+        aiPrompt: `I've completed Google OAuth setup. Here are the credentials:
+
+Client ID: [paste here]
+Client Secret: [paste here]
+Project ID: [paste here]
+
+Please configure the app with these credentials.`,
+        instructions: `Copy the template above, fill in your credentials, and send to VibBot.
+
+VibBot will:
+1. Store credentials in .env.local file
+2. Configure NextAuth or your auth provider
+3. Test the integration
+4. Create a test task for you to verify "Sign in with Google" works`,
+        tip: "VibBot will create a secure .env.local file that is gitignored automatically"
+      }
+    ]
+  };
+}
+
+// src/templates/human-tasks/github-app.ts
+function createGitHubAppTask(config) {
+  return {
+    title: "\u{1F464} Create GitHub App",
+    description: `Setup GitHub App for ${config.appName}. Requires GitHub account with owner permissions.`,
+    subtasks: [
+      {
+        title: "Create New GitHub App",
+        completed: false,
+        link: {
+          url: "https://github.com/settings/apps/new",
+          label: "Create GitHub App"
+        },
+        instructions: `1. Fill in basic information:
+   - GitHub App name: \`${config.appName}\`
+   - Homepage URL: \`https://github.com/yourusername/${config.appName.toLowerCase().replace(/\s+/g, "-")}\`
+   - Description: What your app does
+2. Webhook:
+   - Active: **\u2713 Checked**
+   - Webhook URL: \`${config.webhookUrl}\`
+   - Webhook secret: (click Generate) \u2192 **Copy this!**
+3. Permissions:
+${config.permissions.map((p) => `   - ${p.name}: **${p.access}**`).join("\n")}
+4. Subscribe to events:
+${config.events.map((e) => `   - [x] ${e}`).join("\n")}
+5. Where can this app be installed: **Only on this account**
+6. Click **Create GitHub App**`,
+        warning: "Save the webhook secret immediately - you cannot view it again!",
+        tip: "Use ngrok for webhook URL during development: `ngrok http 3000`"
+      },
+      {
+        title: "Generate Private Key",
+        completed: false,
+        instructions: `After creating the app:
+
+1. Scroll to **Private keys** section
+2. Click **Generate a private key**
+3. A .pem file will download automatically
+4. **Save this file securely** (e.g., \`.secrets/github-app-key.pem\`)
+
+\u26A0\uFE0F **CRITICAL**: This key authenticates your app. Never commit to git.`,
+        warning: "Private key can only be generated once per key. Download immediately.",
+        tip: "Add *.pem to your .gitignore if not already there"
+      },
+      {
+        title: "Get App ID and Installation ID",
+        completed: false,
+        instructions: `1. Scroll to **About** section
+   - **Copy App ID** (6-digit number)
+
+2. Scroll to **Install App** (left sidebar)
+3. Click **Install** next to your username/org
+4. Choose:
+   - **All repositories** or **Only select repositories**
+5. Click **Install**
+6. After installation, note the URL:
+   - Format: \`https://github.com/settings/installations/XXXXXXXX\`
+   - **Copy the installation ID** (the XXXXXXXX number)`,
+        tip: "Installation ID is per-account. If you install on multiple orgs, each has its own ID."
+      },
+      {
+        title: "Hand back to VibBot",
+        completed: false,
+        aiPrompt: `I've completed GitHub App setup. Here are the credentials:
+
+App ID: [paste here]
+Installation ID: [paste here]
+Webhook Secret: [paste here]
+Private Key Path: [path to .pem file]
+
+Please configure the app with these credentials.`,
+        instructions: `Copy the template, fill in credentials, send to VibBot.
+
+VibBot will:
+1. Store credentials in .env file
+2. Configure webhook endpoint
+3. Test webhook delivery
+4. Create integration tests`,
+        codeSnippet: {
+          language: "bash",
+          code: `# Test webhook (VibBot will do this automatically)
+curl -X POST ${config.webhookUrl} \\
+  -H "Content-Type: application/json" \\
+  -H "X-GitHub-Event: ping" \\
+  -d '{"zen": "Design for failure."}'`,
+          label: "Webhook test command"
+        }
+      }
+    ]
+  };
+}
+
+// src/templates/human-tasks/stripe-integration.ts
+function createStripeIntegrationTask(config) {
+  return {
+    title: "\u{1F464} Setup Stripe Payment Processing",
+    description: `Configure Stripe for ${config.appName}. Requires Stripe account (free to create).`,
+    subtasks: [
+      {
+        title: "Create Stripe Account",
+        completed: false,
+        link: {
+          url: "https://dashboard.stripe.com/register",
+          label: "Sign up for Stripe"
+        },
+        instructions: `1. Create Stripe account (if you don't have one)
+2. Verify your email
+3. Complete business details:
+   - Business name: \`${config.appName}\`
+   - Business type: Individual or Company
+   - Industry: Software
+4. Skip tax forms for now (can complete later)
+5. Click **Start using Stripe**`,
+        tip: "You can use Stripe in Test Mode before activating your account (no business verification needed)"
+      },
+      {
+        title: "Get API Keys",
+        completed: false,
+        link: {
+          url: "https://dashboard.stripe.com/test/apikeys",
+          label: "View API Keys"
+        },
+        instructions: `1. Make sure you're in **Test Mode** (toggle in top right)
+2. Find your keys:
+   - **Publishable key**: Starts with \`pk_test_\`
+   - **Secret key**: Click **Reveal** \u2192 Starts with \`sk_test_\`
+3. **Copy both keys**
+
+\u{1F4DD} **Note**: These are TEST keys. You'll get production keys later.`,
+        warning: "Secret key is sensitive - never commit to git or share publicly",
+        tip: "Test mode is free and unlimited. Use it for development."
+      },
+      {
+        title: "Create Products/Prices",
+        completed: false,
+        link: {
+          url: "https://dashboard.stripe.com/test/products",
+          label: "Create Products"
+        },
+        instructions: `For each product you want to sell:
+
+1. Click **Add product**
+2. Enter details:
+   - Name: Product name
+   - Description: What customer gets
+3. Pricing:
+   - One-time or Recurring (subscription)
+   - Amount: Price in dollars
+   - Currency: USD
+4. Click **Add product**
+5. **Copy the Price ID** (starts with \`price_\`)
+
+Repeat for all products: ${config.products.join(", ")}`,
+        tip: "You can create multiple price points for the same product (e.g., monthly/yearly)"
+      },
+      {
+        title: "Setup Webhook Endpoint",
+        completed: false,
+        link: {
+          url: "https://dashboard.stripe.com/test/webhooks",
+          label: "Configure Webhooks"
+        },
+        instructions: `1. Click **Add endpoint**
+2. Endpoint URL: \`https://yourdomain.com/api/webhooks/stripe\`
+   - For local dev: Use ngrok (\`ngrok http 3000\`)
+   - Example: \`https://abc123.ngrok.io/api/webhooks/stripe\`
+3. Select events to listen to:
+${config.webhookEvents.map((e) => `   - [x] ${e}`).join("\n")}
+4. Click **Add endpoint**
+5. **Copy the Signing Secret** (starts with \`whsec_\`)`,
+        warning: "Webhook signing secret is used to verify events are from Stripe. Keep it secure.",
+        codeSnippet: {
+          language: "bash",
+          code: `# Install Stripe CLI for local webhook testing
+brew install stripe/stripe-cli/stripe
+
+# Login
+stripe login
+
+# Forward webhooks to localhost
+stripe listen --forward-to localhost:3000/api/webhooks/stripe`,
+          label: "Local webhook testing (optional)"
+        }
+      },
+      {
+        title: "Enable Customer Portal (Optional)",
+        completed: false,
+        link: {
+          url: "https://dashboard.stripe.com/test/settings/billing/portal",
+          label: "Configure Portal"
+        },
+        instructions: `If you want customers to manage their subscriptions:
+
+1. Click **Activate test link**
+2. Configure features:
+   - [x] Update payment method
+   - [x] Cancel subscription
+   - [x] View invoice history
+3. Branding:
+   - Accent color: Your brand color
+   - Logo: (optional)
+4. Click **Save**
+5. **Copy the Portal link** (for testing)`,
+        tip: "Customer Portal lets users manage billing without contacting you"
+      },
+      {
+        title: "Hand back to VibBot",
+        completed: false,
+        aiPrompt: `I've completed Stripe setup. Here are the credentials:
+
+**Test Mode Keys:**
+Publishable Key: [paste pk_test_...]
+Secret Key: [paste sk_test_...]
+Webhook Signing Secret: [paste whsec_...]
+
+**Product IDs:**
+${config.products.map((p) => `- ${p}: [paste price_...]`).join("\n")}
+
+Please configure the app with these credentials.`,
+        instructions: `Copy the template, fill in credentials, send to VibBot.
+
+VibBot will:
+1. Store credentials in .env.local file
+2. Configure Stripe SDK
+3. Create payment endpoint
+4. Setup webhook handler
+5. Create test purchase flow`,
+        tip: "VibBot will create a test checkout that you can verify with Stripe test card: 4242 4242 4242 4242"
+      }
+    ]
+  };
+}
+
+// src/templates/human-tasks/index.ts
+var TEMPLATE_KEYWORDS = {
+  "apple-oauth": ["apple oauth", "apple sign in", "sign in with apple", "apple developer"],
+  "google-oauth": ["google oauth", "google sign in", "sign in with google", "google cloud console"],
+  "github-app": ["github app", "github webhook", "github integration", "github oauth app"],
+  "stripe": ["stripe", "payment", "checkout", "subscription", "stripe integration"]
+};
+function detectTemplate(description) {
+  const lowerDesc = description.toLowerCase();
+  for (const [template, keywords] of Object.entries(TEMPLATE_KEYWORDS)) {
+    if (keywords.some((keyword) => lowerDesc.includes(keyword))) {
+      return template;
+    }
+  }
+  return null;
+}
+export {
+  TEMPLATE_KEYWORDS,
+  createAppleOAuthTask,
+  createGitHubAppTask,
+  createGoogleOAuthTask,
+  createStripeIntegrationTask,
+  detectTemplate
+};